The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of RuggedCom RuggedSwitch

computer vulnerability CVE-2018-13801 CVE-2018-13802

ROX II: privilege escalation

Synthesis of the vulnerability

An attacker can bypass restrictions of ROX II, in order to escalate his privileges.
Impacted products: ROX, RuggedSwitch.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/10/2018.
Identifiers: CERTFR-2018-AVI-476, CVE-2018-13801, CVE-2018-13802, SSA-493830, VIGILANCE-VUL-27455.

Description of the vulnerability

An attacker can bypass restrictions of ROX II, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-13077 CVE-2017-13078 CVE-2017-13079

WPA2: information disclosure via Key Reinstallation Attacks

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Key Reinstallation Attacks of WPA2, in order to obtain sensitive information.
Impacted products: SNS, iOS by Apple, iPhone, Mac OS X, ArubaOS, Cisco Aironet, Cisco AnyConnect Secure Mobility Client, ASA, Meraki MR***, Cisco IP Phone, Cisco Wireless IP Phone, Debian, Fedora, FortiGate, FortiOS, FreeBSD, Android OS, Junos OS, SSG, Linux, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, openSUSE Leap, pfSense, 802.11 protocol, RHEL, RuggedSwitch, SIMATIC, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive, WindRiver Linux.
Severity: 3/4.
Consequences: data reading.
Provenance: radio connection.
Number of vulnerabilities in this bulletin: 10.
Creation date: 16/10/2017.
Identifiers: ARUBA-PSA-2017-007, CERTFR-2017-ALE-014, CERTFR-2017-AVI-357, CERTFR-2017-AVI-358, CERTFR-2017-AVI-359, CERTFR-2017-AVI-360, CERTFR-2017-AVI-361, CERTFR-2017-AVI-363, CERTFR-2017-AVI-373, CERTFR-2017-AVI-379, CERTFR-2017-AVI-383, CERTFR-2017-AVI-390, CERTFR-2017-AVI-441, CERTFR-2017-AVI-478, CERTFR-2018-AVI-014, CERTFR-2018-AVI-048, cisco-sa-20171016-wpa, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088, DLA-1150-1, DLA-1200-1, DLA-1573-1, DSA-3999-1, FEDORA-2017-12e76e8364, FEDORA-2017-45044b6b33, FEDORA-2017-60bfb576b7, FEDORA-2017-cfb950d8f4, FEDORA-2017-fc21e3856b, FG-IR-17-196, FreeBSD-SA-17:07.wpa, HT208221, HT208222, HT208334, HT208394, JSA10827, K-511282, KRACK Attacks, openSUSE-SU-2017:2755-1, openSUSE-SU-2017:2846-1, openSUSE-SU-2017:2896-1, openSUSE-SU-2017:2905-1, openSUSE-SU-2017:3144-1, RHSA-2017:2907-01, RHSA-2017:2911-01, SSA:2017-291-02, SSA-418456, SSA-901333, STORM-2017-005, SUSE-SU-2017:2745-1, SUSE-SU-2017:2752-1, SUSE-SU-2017:2847-1, SUSE-SU-2017:2869-1, SUSE-SU-2017:2908-1, SUSE-SU-2017:2920-1, SUSE-SU-2017:3106-1, SUSE-SU-2017:3165-1, SUSE-SU-2017:3265-1, SUSE-SU-2017:3267-1, SUSE-SU-2018:0040-1, SUSE-SU-2018:0171-1, Synology-SA-17:60, Synology-SA-17:60 KRACK, USN-3455-1, USN-3505-1, VIGILANCE-VUL-24144, VU#228519.

Description of the vulnerability

An attacker can bypass access restrictions to data via Key Reinstallation Attacks of WPA2, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-12736

RUGGEDCOM ROS: privilege escalation via RCDP

Synthesis of the vulnerability

An attacker can bypass restrictions via RCDP of RUGGEDCOM ROS, in order to escalate his privileges.
Impacted products: ROS, RuggedSwitch.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: LAN.
Creation date: 28/09/2017.
Identifiers: CERTFR-2017-AVI-326, CVE-2017-12736, SSA-856721, VIGILANCE-VUL-23967.

Description of the vulnerability

An attacker can bypass restrictions via RCDP of RUGGEDCOM ROS, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin 23123

RuggedCom ROX: vulnerability

Synthesis of the vulnerability

A vulnerability of RuggedCom ROX was announced.
Impacted products: ROX, RuggedSwitch.
Severity: 2/4.
Consequences: unknown consequence, administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion, data flow, denial of service on server, denial of service on service, denial of service on client, disguisement.
Provenance: document.
Creation date: 03/07/2017.
Identifiers: VIGILANCE-VUL-23123.

Description of the vulnerability

A vulnerability of RuggedCom ROX was announced.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-2686 CVE-2017-2687 CVE-2017-2688

RUGGEDCOM ROX: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of RUGGEDCOM ROX.
Impacted products: ROX, RuggedSwitch.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 5.
Creation date: 29/03/2017.
Identifiers: CERTFR-2017-ALE-006, CVE-2017-2686, CVE-2017-2687, CVE-2017-2688, CVE-2017-2689, CVE-2017-6864, SSA-327980, VIGILANCE-VUL-22280.

Description of the vulnerability

Several vulnerabilities were announced in RUGGEDCOM ROX.

An attacker can bypass file access restrictions, in order to obtain sensitive information. [severity:2/4; CVE-2017-2686]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2017-2687]

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:3/4; CVE-2017-2688]

An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2017-2689]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2017-6864]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 19616

RUGGEDCOM ROS: Man-in-the-Middle of WebUI

Synthesis of the vulnerability

An attacker can act as a Man-in-the-Middle of WebUI on RUGGEDCOM ROS, in order to read or write data in the session.
Impacted products: ROS, RuggedSwitch.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: intranet server.
Creation date: 17/05/2016.
Identifiers: 109737124, VIGILANCE-VUL-19616.

Description of the vulnerability

The RUGGEDCOM ROS product uses the TLS protocol, in order to create secure WebUI sessions.

However, WebUI allows the NULL algorithm (no encryption).

An attacker can therefore act as a Man-in-the-Middle of WebUI on RUGGEDCOM ROS, in order to read or write data in the session.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2015-7547

glibc: buffer overflow of getaddrinfo

Synthesis of the vulnerability

An attacker, who owns a malicious DNS server, can reply with long data to a client application using the getaddrinfo() function of the glibc, in order to trigger a denial of service, and possibly to run code in the client application.
Impacted products: ArubaOS, Blue Coat CAS, Brocade Network Advisor, Brocade vTM, Cisco ASR, Cisco Catalyst, IOS XE Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Cisco Prime DCNM, Secure ACS, Cisco CUCM, Cisco IP Phone, Cisco Wireless IP Phone, Cisco Wireless Controller, XenDesktop, PowerPath, Unisphere EMC, VNX Operating Environment, VNX Series, ExtremeXOS, BIG-IP Hardware, TMOS, Fedora, QRadar SIEM, Trinzic, NSM Central Manager, NSMXpress, McAfee Email Gateway, McAfee MOVE AntiVirus, VirusScan, McAfee Web Gateway, openSUSE, openSUSE Leap, Palo Alto Firewall PA***, PAN-OS, RealPresence Distributed Media Application, Polycom VBP, RHEL, ROX, RuggedSwitch, Slackware, SUSE Linux Enterprise Desktop, SLES, Synology DS***, Synology RS***, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, VMware vSphere, VMware vSphere Hypervisor, WindRiver Linux.
Severity: 4/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 16/02/2016.
Revision date: 17/02/2016.
Identifiers: 046146, 046151, 046153, 046155, 046158, 1977665, 478832, 479427, 479906, 480572, 480707, 480708, ARUBA-PSA-2016-001, BSA-2016-003, BSA-2016-004, CERTFR-2016-AVI-066, CERTFR-2016-AVI-071, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, cisco-sa-20160218-glibc, CTX206991, CVE-2015-7547, ESA-2016-020, ESA-2016-027, ESA-2016-028, ESA-2016-029, ESA-2016-030, FEDORA-2016-0480defc94, FEDORA-2016-0f9e9a34ce, JSA10774, KB #4858, openSUSE-SU-2016:0490-1, openSUSE-SU-2016:0510-1, openSUSE-SU-2016:0511-1, openSUSE-SU-2016:0512-1, PAN-SA-2016-0021, RHSA-2016:0175-01, RHSA-2016:0176-01, RHSA-2016:0225-01, SA114, SB10150, SOL47098834, SSA:2016-054-02, SSA-301706, SUSE-SU-2016:0470-1, SUSE-SU-2016:0471-1, SUSE-SU-2016:0472-1, SUSE-SU-2016:0473-1, USN-2900-1, VIGILANCE-VUL-18956, VMSA-2016-0002, VMSA-2016-0002.1, VN-2016-003.

Description of the vulnerability

The glibc library implements a DNS resolver (libresolv).

An application can thus call the getaddrinfo() function, which queries DNS servers. When the AF_UNSPEC type is used in the getaddrinfo() call, two DNS A and AAAA queries are sent simultaneously. However, this special case, and a case with AF_INET6 are not correctly managed, and lead to an overflow if the reply coming from the DNS server is larger than 2048 bytes.

An attacker, who owns a malicious DNS server, can therefore reply with large data to a client application using the getaddrinfo() function of the glibc, in order to trigger a denial of service, and possibly to run code in the client application.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2014-9293 CVE-2014-9294 CVE-2014-9295

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: GAiA, CheckPoint IP Appliance, IPSO, CheckPoint Power-1 Appliance, CheckPoint Security Appliance, CheckPoint Smart-1, CheckPoint VSX-1, IOS XR Cisco, Nexus by Cisco, NX-OS, Cisco CUCM, Cisco Unified CCX, Clearswift Email Gateway, Debian, Black Diamond, ExtremeXOS, Ridgeline, Summit, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP Switch, HP-UX, AIX, Juniper J-Series, Junos OS, Junos Space, NSMXpress, MBS, Meinberg NTP Server, NetBSD, NTP.org, openSUSE, Oracle Communications, Solaris, RHEL, ROX, RuggedSwitch, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 19/12/2014.
Revision date: 17/02/2016.
Identifiers: c04554677, c04574882, c04916783, CERTFR-2014-AVI-537, CERTFR-2014-AVI-538, CERTFR-2016-AVI-148, cisco-sa-20141222-ntpd, cpuoct2016, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, DSA-3108-1, FEDORA-2014-17361, FEDORA-2014-17367, FEDORA-2014-17395, FreeBSD-SA-14:31.ntp, HPSBHF03432, HPSBPV03266, HPSBUX03240, JSA10663, MBGSA-1405, MDVSA-2015:003, MDVSA-2015:140, NetBSD-SA2015-003, openSUSE-SU-2014:1670-1, openSUSE-SU-2014:1680-1, RHSA-2014:2024-01, RHSA-2014:2025-01, RHSA-2015:0104-01, sk103825, SOL15933, SOL15934, SOL15935, SOL15936, SSA:2014-356-01, SSA-671683, SSRT101872, SUSE-SU-2014:1686-1, SUSE-SU-2014:1686-2, SUSE-SU-2014:1686-3, SUSE-SU-2014:1690-1, SUSE-SU-2015:0259-1, SUSE-SU-2015:0259-2, SUSE-SU-2015:0259-3, SUSE-SU-2015:0274-1, SUSE-SU-2015:0322-1, USN-2449-1, VIGILANCE-VUL-15867, VN-2014-005, VU#852879.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can predict the default key generated by config_auth(), in order to bypass the authentication. [severity:2/4; CVE-2014-9293]

An attacker can predict the key generated by ntp-keygen, in order to decrypt sessions. [severity:2/4; CVE-2014-9294]

An attacker can generate a buffer overflow in crypto_recv(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can generate a buffer overflow in ctl_putdata(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can generate a buffer overflow in configure(), in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2014-9295]

An attacker can trigger an error in receive(), which is not detected. [severity:1/4; CVE-2014-9296]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2015-7836

Siemens ROS: information disclosure from VLANs

Synthesis of the vulnerability

An attacker can read padding bytes sent by Siemens ROS, in order to obtain sensitive information belonging to another VLANs.
Impacted products: ROS, RuggedSwitch.
Severity: 2/4.
Consequences: data reading.
Provenance: LAN.
Creation date: 23/10/2015.
Identifiers: CVE-2015-7836, SSA-921524, VIGILANCE-VUL-18171.

Description of the vulnerability

The Siemens ROS product can be used to partition networks using VLANs.

When the system sends a frame on the network, it should add padding bytes at the end of the frame. However, the ROS system does not initialize these bytes before reusing the buffer to send another packet (on the same VLAN or not). An attacker can thus obtain fragments of the network traffic of other VLANs.

An attacker can therefore read padding bytes sent by Siemens ROS, in order to obtain sensitive information belonging to another VLANs.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2015-7691 CVE-2015-7692 CVE-2015-7701

NTP.org: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of NTP.org.
Impacted products: ArubaOS, Blue Coat CAS, FabricOS, Brocade Network Advisor, Brocade vTM, Cisco ASR, Cisco ACE, ASA, IOS by Cisco, IOS XE Cisco, Cisco IPS, Nexus by Cisco, NX-OS, Cisco Prime DCNM, Prime Infrastructure, Cisco PRSM, Secure ACS, Cisco CUCM, Cisco Unity ~ precise, Debian, ExtremeXOS, Ridgeline, Summit, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP Switch, AIX, Juniper EX-Series, Juniper J-Series, Junos OS, SRX-Series, McAfee Web Gateway, Meinberg NTP Server, NetBSD, NTP.org, openSUSE, openSUSE Leap, Solaris, pfSense, RHEL, ROX, RuggedSwitch, Slackware, Orolia SecureSync, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu, VxWorks.
Severity: 3/4.
Consequences: user access/rights, data reading, denial of service on service.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 16.
Creation date: 22/10/2015.
Identifiers: 045915, ARUBA-PSA-2015-010, BSA-2016-004, BSA-2016-005, bulletinjan2016, c05270839, CERTFR-2015-AVI-449, CERTFR-2018-AVI-545, cisco-sa-20151021-ntp, CVE-2015-5196-REJECT, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871, DSA-3388-1, FEDORA-2015-77bfbc1bcd, FEDORA-2016-34bc10a2c8, FreeBSD-SA-15:25.ntp, HPSBHF03646, JSA10711, JSA10898, NetBSD-SA2016-001, ntp_advisory4, openSUSE-SU-2015:2016-1, openSUSE-SU-2016:1423-1, RHSA-2015:1930-01, RHSA-2015:2520-01, RHSA-2016:0780-01, RHSA-2016:2583-02, SA103, SB10164, SOL10600056, SOL17515, SOL17516, SOL17517, SOL17518, SOL17521, SOL17522, SOL17524, SOL17525, SOL17526, SOL17527, SOL17528, SOL17529, SOL17530, SOL17566, SSA:2015-302-03, SSA-396873, SSA-472334, SUSE-SU-2016:1311-1, SUSE-SU-2016:1471-1, SUSE-SU-2016:1912-1, SUSE-SU-2016:2094-1, Synology-SA-18:13, Synology-SA-18:14, TALOS-2015-0052, TALOS-2015-0054, TALOS-2015-0055, TALOS-2015-0062, TALOS-2015-0063, TALOS-2015-0064, TALOS-2015-0065, TALOS-2015-0069, USN-2783-1, VIGILANCE-VUL-18162, VN-2015-009.

Description of the vulnerability

Several vulnerabilities were announced in NTP.org.

An attacker can bypass the authentication in crypto-NAK, in order to escalate his privileges. [severity:3/4; CVE-2015-7871, TALOS-2015-0069]

An attacker can trigger a fatal error in decodenetnum, in order to trigger a denial of service. [severity:2/4; CVE-2015-7855]

An attacker can generate a buffer overflow in Password, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-7854, TALOS-2015-0065]

An attacker can generate a buffer overflow in refclock, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-7853, TALOS-2015-0064]

An attacker can generate a memory corruption in atoascii, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-7852, TALOS-2015-0063]

An attacker can traverse directories in saveconfig, in order to read a file outside the root path. [severity:2/4; CVE-2015-7851, TALOS-2015-0062]

An attacker can trigger a fatal error in logfile-keyfile, in order to trigger a denial of service. [severity:2/4; CVE-2015-7850, TALOS-2015-0055]

An attacker can force the usage of a freed memory area in Trusted Key, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2015-7849, TALOS-2015-0054]

An attacker can force a read at an invalid address with a Mode packet, in order to trigger a denial of service. [severity:2/4; CVE-2015-7848, TALOS-2015-0052]

An attacker can create a memory leak in CRYPTO_ASSOC, in order to trigger a denial of service. [severity:2/4; CVE-2015-7701]

An authenticated attacker can use pidfile/driftfile, to corrupt a file with its privileges (VIGILANCE-VUL-17747). [severity:2/4; CVE-2015-5196-REJECT, CVE-2015-7703]

An attacker can trigger a fatal error in the ntp client, in order to trigger a denial of service. [severity:2/4; CVE-2015-7704]

An attacker can trigger a fatal error, in order to trigger a denial of service. [severity:2/4; CVE-2015-7705]

An unknown vulnerability was announced in Autokey. [severity:2/4; CVE-2015-7691]

An unknown vulnerability was announced in Autokey. [severity:2/4; CVE-2015-7692]

An unknown vulnerability was announced in Autokey. [severity:2/4; CVE-2015-7702]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about RuggedCom RuggedSwitch: